message-notific.club/tds/daopush
172.67.199.188 301 Moved Permanently 0 B URL HTTP/1.1 message-notific.club/tds/daopush
IP 172.67.199.188:0
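Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of a zero-length input (the response body is 0 B), so they identify no content and are not usable as indicators for this URL.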
Analyzer Verdict Alert fortinet Phishing
GET /tds/daopush HTTP/1.1
Host: message-notific.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 04:31:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 05:31:23 GMT
Location: https://message-notific.club/tds/daopush
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRzjjV%2F7%2FlRYbH8qbnDl9jWMPZsJ9Owtv85XQA8kWAbcYB6bzNzuK%2FOzxX1zndDsWxyc%2FTuoqaPzHoMZjfOyCjUoaGB%2FYEo5xF2FGTc%2FG%2Fe8h2WI%2B76zsT8vGQXSAuLoFn1cXMABIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ae108e9ea41bfe-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 03:50:25 GMT
Expires: Sun, 16 Oct 2022 03:59:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ieFx59EFwEMhfvV_tjLbpR6cHbtxdJV6-rVZQHYjY5hBRgEr5ySoaQ==
Age: 2459
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6566
Expires: Sun, 16 Oct 2022 06:20:50 GMT
Date: Sun, 16 Oct 2022 04:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7897
Expires: Sun, 16 Oct 2022 06:43:01 GMT
Date: Sun, 16 Oct 2022 04:31:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m9DYmS6kAL/2l1k8rjSHgxILZscUAWnatcGlPK7ncjN7LHPH2XFF+0WPQhreo6eotJT/toQwTkM=
x-amz-request-id: FJGZ8JYZMQJB40VH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 04:02:51 GMT
age: 1713
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 863cad205c5f9cfe0ad6bbfff55753f1
1b73b947b7c4acdabd65869a5a43d615ef95fc87
5a4dcba93935aac86cc4c7c45c4d40f7b9e92e338af377cc6afc655cd8f44527
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138231
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b0213-117"
Expires: Mon, 17 Oct 2022 18:55:15 GMT
Last-Modified: Sat, 15 Oct 2022 18:55:15 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:31:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 863cad205c5f9cfe0ad6bbfff55753f1
1b73b947b7c4acdabd65869a5a43d615ef95fc87
5a4dcba93935aac86cc4c7c45c4d40f7b9e92e338af377cc6afc655cd8f44527
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138231
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b0213-117"
Expires: Mon, 17 Oct 2022 18:55:15 GMT
Last-Modified: Sat, 15 Oct 2022 18:55:15 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 76aa886e50744f1cff3e37ef5e08c610
4de95b31dd6f2f2e870fd6fa2a42c2fba4587030
e260dd6fb84d71d68332b7160c6b7c7e609b13b1c24e53a93c25571e95ace821
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171697
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634b84cd-1d7"
Expires: Tue, 18 Oct 2022 04:13:01 GMT
Last-Modified: Sun, 16 Oct 2022 04:13:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1tqVUc1UY1JMz8wOsXsgMsKg5Sv2Q2m0zJ-8OlhHmvxPVGGgG7xFBA==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 16 Oct 2022 04:07:43 GMT
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BBTB-RjJO8YnDnoRj1y7rWf2qD-HOFWtSdZaLhABxsvaRarAxOcnuw==
Age: 1421
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3046
Cache-Control: max-age=102377
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:24 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 08:57:41 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.242.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
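Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these are the digests of a zero-length input (the 101 response carries no body), so they identify no content and are not usable as indicators.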
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tAmE+6h1P1FSd4vtcpayJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2SLu3GXRCg1b4rWV6Or52iAwUu8=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gomydates.com/bridge/intg.js?v=8
3.67.232.45 200 OK 317 B URL HTTP/2 gomydates.com/bridge/intg.js?v=8
IP 3.67.232.45:0
File type ASCII text, with very long lines (316)
Hash d9bd6d4fe07232e0fcae03c7e68d4e81
4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b
0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6
Analyzer Verdict Alert fortinet Phishing
GET /bridge/intg.js?v=8 HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
content-length: 317
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"13d-183d17d3fb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 5fada94ec59c5b97b9510ed352eae4fe
50c92953754d931fd10d4789a2d3a651f042551e
71356493f95aaee7069bb3b06b02e9709a630276e702b9d0b418f9cc3817a367
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6249
Cache-Control: max-age=146264
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b090c-118"
Expires: Mon, 17 Oct 2022 21:09:09 GMT
Last-Modified: Sat, 15 Oct 2022 19:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.24.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5745508
expires: Fri, 06 Oct 2023 04:31:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KMcuGdgi0ofxB3ORjyWjAfqya8Zq91mPcWpyfiYr1VpmcmZPsARLBi3WRsmyk9tDGaYna7S1l%2FQiQ8QYCt51YAxgCWTkmpSBIRAjuWTU5eOSaEsx78dYekteG%2Fmd%2BuqSX5UQ2u9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75ae109a1fadb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 5fada94ec59c5b97b9510ed352eae4fe
50c92953754d931fd10d4789a2d3a651f042551e
71356493f95aaee7069bb3b06b02e9709a630276e702b9d0b418f9cc3817a367
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6249
Cache-Control: max-age=146264
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b090c-118"
Expires: Mon, 17 Oct 2022 21:09:09 GMT
Last-Modified: Sat, 15 Oct 2022 19:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
gomydates.com/bridge/ao_loader.js
3.67.232.45 200 OK 836 B URL HTTP/2 gomydates.com/bridge/ao_loader.js
IP 3.67.232.45:0
File type ASCII text, with very long lines (835)
Hash 9c129816fdafb5e9525563ba64018bd7
79dfb5a385a3583a597716ac4b1e1649e9b9994d
43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao_loader.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
content-length: 836
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"344-183d17d3fb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
172.217.21.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 386464
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.168 200 OK 49 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (4073)
Hash 4cb9073f83d1628f57d8a78169973a0e
e3f33c9bfa46504ca25af6d751ec67da167472d7
6fb982a1c0be0d31be2f9daccdd3174e9ed523334d346079ecaeecd0c8dc823f
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 04:31:25 GMT
expires: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: private, max-age=900
last-modified: Sun, 16 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn3reference.com/landings/23302/images/bg-web2.jpg
54.230.111.111 200 OK 134 kB URL HTTP/2 cdn3reference.com/landings/23302/images/bg-web2.jpg
IP 54.230.111.111:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1813x809, components 3\012- data
Size 134 kB (134448 bytes)
Hash ef1a29775d4ead3628064718b908a24d
bdd05dca0cd677973768797fef9bf486a63b8929
650dc0654bd6a95350f544d863fc2a8cf6ac1010a9075b476febee2d861dc77b
GET /landings/23302/images/bg-web2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 134448
server: nginx
last-modified: Tue, 02 Apr 2019 14:25:38 GMT
accept-ranges: bytes
date: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: public, max-age=604800
etag: "20d30-5858ce9347c80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9VIEnB1b16wY9DOBuYViD0GcDSXJlCM_Kybs1QzErY5haouZUFku0w==
X-Firefox-Spdy: h2
cdn3reference.com/js/dc_img.js?v=8
54.230.111.111 200 OK 795 B URL HTTP/2 cdn3reference.com/js/dc_img.js?v=8
IP 54.230.111.111:0
Hash 7420f510cd4ac8a7b078d08005c1c6df
1030281000d92c7c66c62cea30d7eaec2a53b03e
3bad7180c3b574808c7dd3ee87729044616339642f8b8f9ba9902ac26f2a30f1
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v9oqMusrDsElDD297X6K1qmJNiJt8qcMo0TwMpUWkP-Zr1a0ThC1_Q==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 0d383db64d69da7c461bb6c5c47c0083
81c3aad9cdea315c49725ec398a08e8600d09581
b3edb516c961ac7c952dd32259ce0410f62c93fd211694e8b2a44177640b3ca0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140714
Date: Sun, 16 Oct 2022 04:31:25 GMT
Etag: "634b0bc7-1d7"
Expires: Mon, 17 Oct 2022 19:36:39 GMT
Last-Modified: Sat, 15 Oct 2022 19:36:39 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8NfaVZ2jw4hD70kSGN2w6cig9ZLLzZFrqO45Q0fef7wAeDb-AHYxPw==
gomydates.com/integration.js
3.67.232.45 200 OK 206 kB URL HTTP/2 gomydates.com/integration.js
IP 3.67.232.45:0
Size 206 kB (205581 bytes)
Hash 74a0ea897bdab5083867a77f21096449
713de464f2357910332681583403621639aa84b1
1872936a3892a2dd9500fc18f13885ea26076bd7203ad23274188e4de8b3dfd1
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"712-Q+yk3zBuTn4ZI0qMEgCg2J4yFEI"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gomydates.com/ao.js
3.67.232.45 200 OK 2.6 kB IP 3.67.232.45:0
Hash ff1698e2ea1bfd5e85e4533296ae0808
7e6e49a566f3318800098d0a7ec0e19a3ebe0136
6067220559b275c466a0a474611cacb4278db86c20879e5fc4c4baa40950b742
Analyzer Verdict Alert fortinet Phishing
GET /ao.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"1509-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
142.250.74.163 200 OK 11 kB URL HTTP/2 www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (40876)
Hash 5df942bc55c20f421cf56876855ced51
61e1c33b26d5a693425a8c229f90b1ea39736f29
3fb9f58427a7229af7bfb3c37e2f9718ba1e8776c368a80c511c6e27466d4932
GET /firebasejs/8.6.8/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10869
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 00:45:10 GMT
expires: Sat, 14 Oct 2023 00:45:10 GMT
cache-control: public, max-age=31536000
age: 186376
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13987
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:31:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13987
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:31:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3de9de60463838cdf30a974f092684
542b753fe420651c67739d3c51927e10ececa4aa
b69cc2d2af1d3bfb36a82198562fefbe822f58249e6f85903b3bbe8c207468b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4070
x-amzn-requestid: 2de050df-01e6-487a-99ff-ac452ecb3706
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFCpbFUbIAMF9dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b7e3c-2ee6c44f4993d1a51ba3e9cb;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:45:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pZjRH7IfMdLhJexGioaByUi4ASNvUMhq41oYLzcH5VKXL228XdRP-w==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 03:49:28 GMT
age: 2518
etag: "542b753fe420651c67739d3c51927e10ececa4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 24062
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YVZ4EN-w7lmXTXKTy_A-9P0TW0zAqSa7j5_G2M1XnS-j3EfJSEFplw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
age: 23557
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc2961d5-5c3c-41f9-9f68-1ffdbc852581.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc2961d5-5c3c-41f9-9f68-1ffdbc852581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dba6e2332080f3b6c7edd6400a328d77
2fe9ab49ee40a2aec3084ed18ef457aecf3f3757
9cfbe2aa4d5544b278ac75bf3ebd12ee576ca054da2ddf1ead3529940891d386
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc2961d5-5c3c-41f9-9f68-1ffdbc852581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8007
x-amzn-requestid: 308881cf-addb-4995-91fc-d8df1d91f3f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEM1PHjMoAMFZZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2821-5db9f4a67c2151ed1eb72837;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:37:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uVVNK741OSPGLE1Jg_Qjdrpm_Xkp6CRFjtWDlxvcUtYO8hvadsydA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:53:43 GMT
age: 23863
etag: "2fe9ab49ee40a2aec3084ed18ef457aecf3f3757"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f852a58da0bf5c1c5b3d4c9531078b08
96b58ac0e71afe7d4ba43fa592130f3611eb6df7
d404e20f16943bf168b422da6477716f9b37f38927ce078bf19504a581558f75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: be75e58e-a1b4-46fa-bdf2-b94a7270a86e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL3-EhrIAMFlcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2699-544110ce3f2002e57bc3422f;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:05 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wKNlz7C47Wd9aokVCdgEIgK4KijtdK5hlL6jmV96_Xv3t5osOzqcVQ==
via: 1.1 f83d0d4febf7c22c3236bd42fa6dcd96.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
etag: "96b58ac0e71afe7d4ba43fa592130f3611eb6df7"
content-type: image/jpeg
age: 23557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N64ALU7tuIg6L--gmnkJq08f3A2Vn0Cl3wlRBLim7RhWN_VnCftrng==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 03:49:28 GMT
age: 2518
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gomydates.com/ufis/webpush/track?uaDataValues={}&networkGroup=
3.67.232.45 200 OK 30 B URL HTTP/2 gomydates.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.67.232.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1197
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
gomydates.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
3.67.232.45 200 OK 3.2 kB URL HTTP/2 gomydates.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP 3.67.232.45:0
Hash 50fc703d259fd05df6c94c3fea6e44f6
5536ae75b987bd2d8711b9e3f4ab303fd9d4420a
5696afe9d4823b99a6ebee9e4e0461073e0508e992169f9e62fc0f626d602ddb
GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gomydates.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
3.67.232.45 200 OK 859 B URL HTTP/2 gomydates.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP 3.67.232.45:0
Hash 75e2927a6493c57d38d3f62931ec1a1d
afeb464eb39f65dc41c2ed57709536b041f31f0f
1972aa34cde18b82ca0378c6c7aa9b03d405b59f618bf575465eec4e796de6b9
GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gomydates.com/tds/interlayer?handler=FrodiData
3.67.232.45 200 OK 0 B URL HTTP/2 gomydates.com/tds/interlayer?handler=FrodiData
IP 3.67.232.45:0
Analyzer Verdict Alert fortinet Phishing
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1590
Origin: https://gomydates.com
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2
gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}
3.67.232.45 302 Found 0 B URL HTTP/2 gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}
IP 3.67.232.45:0
GET /tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2} HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 16 Oct 2022 04:31:24 GMT
location: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; Max-Age=31536000; Domain=.gomydates.com; Path=/; Expires=Mon, 16 Oct 2023 04:31:24 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Fri, 21 Oct 2022 04:31:24 GMT
X-Firefox-Spdy: h2
cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
54.230.111.111 200 OK 0 B URL HTTP/2 cdn3reference.com/landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css
IP 54.230.111.111:0
GET /landings/23302/css/62785c7b6ca9a16c41ce1f973cf812b4.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Tue, 02 Apr 2019 15:21:31 GMT
content-encoding: gzip
etag: W/"5c1-5858db10f34c0"
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bBJr3e9CM8VUfKYqTaFQsiv-ny4Ju7zCATZxhzKlxMDRuD0PEZebew==
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name=
35.157.196.4 200 OK 0 B URL HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name=
IP 35.157.196.4:0
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&j_type=open&jump=23302&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=61727fcdb4f8352fb53a59b04b989e172ff7bc20; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Mon, 16 Oct 2023 04:31:26 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
54.230.111.111 200 OK 0 B URL HTTP/2 cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP 54.230.111.111:0
GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
etag: W/"22c1-579821b2406fb"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0dViBrpOK7K513ZC9AWKkzCY3Mj5JxrEY0-OCB7bhNNFSt9SYccXAw==
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
35.157.196.4 200 OK 0 B URL HTTP/2 retarget2core.com/fp/fp_ec.js
IP 35.157.196.4:0
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:26 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"4bd-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
message-notific.club/tds/daopush
172.67.199.188 302 Found 0 B URL HTTP/2 message-notific.club/tds/daopush
IP 172.67.199.188:0
Analyzer Verdict Alert fortinet Phishing
GET /tds/daopush HTTP/1.1
Host: message-notific.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 16 Oct 2022 04:31:24 GMT
content-type: text/html; charset=UTF-8
location: https://gomydates.com/tds/ae?tdsId=s0624kas_r&tds_campaign=s0624kas&utm_sub=opnfnl&s1=ps&utm_source=intc&affid=9559e5a1&subid=dao&clickid={clickid}&subid2={subid2}
access-control-allow-origin: *
set-cookie: qwerty_daopush=0; expires=Wed, 19-Oct-2022 22:31:24 GMT; Max-Age=324000; path=/
cache-control: max-age=172800, private, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQV36K%2FDJaXVarQ5qguruNMllPbjI0OItOi%2FVwxA1c7HO1zqk7pAyh1mRrkkpiV4P%2FDuzvOO1V3v37SrgjCMuLnpMbU064mrCuAHBbCqkIl6o6MxtM1wT%2Fw2ARtSV0OGxXES07zqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ae10909d5b0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
3.67.232.45 200 OK 0 B URL HTTP/2 gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
IP 3.67.232.45:0
GET /jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1 HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27
IP 142.250.74.10:0
GET /css?family=Lato:400,900,300%27%20rel=%27stylesheet%27%20type=%27text/css%27 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 04:31:25 GMT
date: Sun, 16 Oct 2022 04:31:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
54.230.111.111 200 OK 0 B URL HTTP/2 cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP 54.230.111.111:0
GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 16 Oct 2022 04:31:25 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
etag: W/"1340-579821b240313"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ZHlu32VuzzdPJgNJWm24MybJfbLTq4PlOKXo37cm32z4EQL6D3Www==
X-Firefox-Spdy: h2
gomydates.com/bridge/frodi_data.js
3.67.232.45 200 OK 0 B URL HTTP/2 gomydates.com/bridge/frodi_data.js
IP 3.67.232.45:0
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: gomydates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gomydates.com/jump?tds_cid=06d94fd0618225e84a5dfca486bcbcae831a9a8a&dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c&clickid=%7Bclickid%7D&tds_oid=23302&s1=ps&tds_rt=&tds_campaign=b0506rie&_tgUrl=aHR0cHM6Ly9nb215ZGF0ZXMuY29tL3Rkcy9hZS90Zy9zL2MyYTEwYjZhNTA2NjRjOWNjOGY3ZGNiYzA5YmQxNzc2P19fdD0xNjY1ODk0Njg0OTQzJl9fbD0zNjAw&subid2=%7Bsubid2%7D&affid=9559e5a1&id=23302&tds_ac_id=s0624kas&tds_id=b0506rie_jump_a_1601039183809&tds_host=gomydates.com&tds_p_campaign=b4979kas&subid=dao&utm_source=intc&tds_ao=1
Cookie: dci=38150a1bfba8e4c7fc687d9bcc8948b61cf0129c; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:31:25 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 13 Oct 2022 13:16:30 GMT
etag: W/"19f8-183d17d3fb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2